Questions tagged [kerberos]

Kerberos is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed primarily at a client–server model, and it provides mutual authentication — both the user and the server verify each other's identity.

As many vendors have their own implementation of Kerberos, configuration details for each implementation is likely to vary. Here are some links that may help those troubleshooting Kerberos on commonly used paltforms.

RFC Kerberos - http://www.faqs.org/rfcs/rfc1510.html
Kerberos Blogs by AD support team at Microsoft - http://blogs.technet.com/b/askds/archive/tags/Kerberos/
Kerberos blogs by Open Specification team at Microsoft - http://blogs.msdn.com/b/openspecification/archive/tags/Kerberos/
Ubuntu Linux post on Kerberos - https://help.ubuntu.com/community/Kerberos

1136 questions

vote

1 answer

Why can't cron access a CIFS share using Kerberos authentication?

I'm on CentOS 6.4. Using kstart I have a TGT kept active using the machine account (ie computername$) from Active Directory. The ticket cache is assigned to root and is located at /tmp/krb5cc_0. I mount.cifs as root using sec=krb5. This works…

asked Sep 05 '13 at 18:16

Doug

vote

0 answers

Alfresco with Kerberos: Error creating bean with name globalAuthenticationFilter

I configured Alfresco 4.2.c to work with MIT Kerberos, following the documentation. Because the documentation is only for Active Directory, I adapted some part to Kerberos by reading the forum. Upon starting Alfresco, I get this error: 04:01:38,725…

kerberos alfresco mitkerberos

asked Sep 03 '13 at 04:54

Nicolas Raoul

1,314
7
22
43

vote

2 answers

Managing user and their credentials in kerberos and openldap system

I am learning to use openldap as backend database for kerberos credentials. It is good that all the programs are working with single sign on. The problem is - I can manage user from kadmin command prompt but there is no alternate method to do that.…

ldap openldap kerberos

asked Aug 30 '13 at 09:27

Gaurav

vote

1 answer

krenew command not working : Permission Denied

I am using a Linux server to perform my simulations. The login and the file-system of the server are protected using kerberos. The file-system is supported using NFS. Since my simulations take a lot of time to run, my ssh sessions used to hang…

linux kerberos byobu

asked Aug 26 '13 at 09:05

prathmesh.kallurkar

vote

0 answers

Problems with kvno + Consultation with kerberos authentication settings

I have clearly identified a problem that I can not solve. I suspect I'm missing something when setting the service running on Centos 6 on Windows Server 2003. First I tell the environment that I'm working and I'm trying to do, then the problem. I…

windows-server-2003 active-directory centos6 kerberos

asked Jul 26 '13 at 16:29

Maria José

vote

1 answer

Samba need an ip of same network of Windows Active Directory to make the join?

Im working to setup samba in windows network. The goal is windows users from Active Direcotry uses their passwords to log in samba shares. I am not sure if, in this setup, AD server and Samba Server have to be in the same network? Is mandatory? I…

samba kerberos winbind

asked Jul 12 '13 at 16:23

Rubendob

vote

1 answer

Conditional authentication based on group membership in AD

I need to authenticate AD users logging into their workstations only if they belong to the security group AT THE MOMENT OF AUTHENTICATION. They're being added to this privileged group right before they actually put in their passwords (they need to…

active-directory group-policy authentication kerberos

asked Jun 04 '13 at 10:05

Mike

vote

0 answers

Kerberos Single Sign On

I am trying to implement Single Sign On using kerberos with ssh. I changed the below files and restarted the ssh daemon. /etc/ssh_config GSSAPIAuthentication yes GSSAPIDelegateCredentials yes /etc/sshd_config GSSAPIAuthentication yes When I am…

ubuntu centos ssh kerberos

asked May 27 '13 at 17:10

kannanrbk

vote

1 answer

Troubleshooting NFS authentication problems

I am trying to mount a krb5p NFS export. For this I have followed these instructions. Line in /etc/exports: /home/users 192.168.1.0/24(rw,sec=krb5p,no_subtree_check,nohide,async,anonuid=65534,anongid=65534) When attempting the mount on the…

logging nfs kerberos

asked May 12 '13 at 13:00

d_inevitable

vote

1 answer

Cannot change Kerberos password with passwd

I set up a common kerberos authentication for my domain. After that, it's working fine without any issues. But a user cannot change the password using Linux command. On analysis on this, I got the below error in /var/log/auth.log: bharathi…

linux ubuntu kerberos

asked May 11 '13 at 12:17

kannanrbk

vote

1 answer

Dig Connection Error on SRV Records

Using Bind9 running on localhost. I have two records in my DNS zone file: _kerberos._udp.GROUP-42.SNOOPY.ISP IN SRV 0 0 88 kirby.group-42.snoopy.isp. kirby.group-42.snoopy.isp. IN A 10.44.42.129 I can run dig…

domain-name-system bind kerberos dig

asked Apr 28 '13 at 22:19

Takkun

vote

0 answers

CUPS Negotiate authentication woes

I have been struggling to Kerberize certain services within our domain, one of which is CUPS. The setup is as follows: a central print server connects to each individual printer around the domain and shares them, and each client connects to certain…

ubuntu kerberos cups

asked Mar 05 '13 at 13:33

Robin McCorkell

vote

1 answer

How do I find out the current remaining lifetime of my AFS tokens?

I can use klog to renew my AFS token, but I am wondering whether there is an equivalent command to view the remaining lifetime of my AFS token.

linux command-line-interface kerberos openafs

asked Mar 01 '13 at 11:24

merlin2011

vote

3 answers

SSH + Kerberos but WITHOUT DNS

I was wondering if there's a way to set up SSH with Kerberos authentication without using a DNS server at all ?

domain-name-system ssh kerberos

asked Feb 17 '13 at 22:40

mak

vote

1 answer

IIS, SQLServer, Google Chrome and Windows Authentication

I'm searching the internet for almost 4 days now and I'm stuck. I've created a simple ASP MVC4 Intranet website and I have deployed it to server called: iis. That computer is inside the same domain as I have my computer. Inside my domain I have 3…

iis iis-7.5 kerberos windows-authentication google-chrome

asked Feb 14 '13 at 16:38

Misiu

Prev 1 2 3

…

75 76 Next